
MDL-28350 prevent bogus role assignment via externallib

commit f2b1a6c2adc63bdaa5d26a2ddf077a62ae0b38b9 1 parent 93d82f4
@skodak skodak authored
Showing with 13 additions and 1 deletion.
  1. +13 −1 enrol/externallib.php
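--- a/enrol/externallib.php
+++ b/enrol/externallib.php
@@ -121,7 +121,7 @@ public static function get_enrolled_users($courseid, $withcapability = null, $gr
 $profilimgurlsmall = moodle_url::make_pluginfile_url($enrolleduser->usercontextid, 'user', 'icon', NULL, '/', 'f2');
 $resultuser = array(
 'courseid' => $enrolleduser->courseid,
-'userid' => $enrolleduser->userid,
+'userid' => $enrolleduser->userid,
 'fullname' => fullname($enrolleduser),
 'profileimgurl' => $profilimgurl->out(false),
 'profileimgurlsmall' => $profilimgurlsmall->out(false)
@@ -271,6 +271,12 @@ public static function role_assign($assignments) {
 self::validate_context($context);
 require_capability('moodle/role:assign', $context);
+// throw an exception if user is not able to assign the role in this context
+$roles = get_assignable_roles($context, ROLENAME_SHORT);
+if (!key_exists($assignment['roleid'], $roles)) {
+throw new invalid_parameter_exception('Can not assign roleid='.$assignment['roleid'].' in contextid='.$assignment['contextid']);
+}
+
 role_assign($assignment['roleid'], $assignment['userid'], $assignment['contextid']);
 }
@@ -327,6 +333,12 @@ public static function role_unassign($unassignments) {
 self::validate_context($context);
 require_capability('moodle/role:assign', $context);
+// throw an exception if user is not able to unassign the role in this context
+$roles = get_assignable_roles($context, ROLENAME_SHORT);
+if (!key_exists($unassignment['roleid'], $roles)) {
+throw new invalid_parameter_exception('Can not unassign roleid='.$unassignment['roleid'].' in contextid='.$unassignment['contextid']);
+}
+
 role_unassign($unassignment['roleid'], $unassignment['userid'], $unassignment['contextid']);
 }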
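Review bot: The five-line assignability check added to role_assign is repeated verbatim in role_unassign, differing only in the verb of the exception message, so the two copies will drift the next time the authorisation rule changes; a private static helper called from both loops keeps a single point of enforcement. In both copies `key_exists` is the rarely used alias of `array_key_exists`, and the canonical name reads better and is what static analysers expect. Both enclosing foreach bodies start outside the hunks, so it is not visible here whether `$context` is rebuilt per item; `get_assignable_roles()` is now called once per assignment, which is presumably a database round-trip each time and worth knowing about for large assignment arrays. The helper below preserves the existing message wording and exception type.
```php
// in role_assign(), replacing the inline check:
self::require_assignable_role($context, $assignment['roleid'], $assignment['contextid'], 'assign');
role_assign($assignment['roleid'], $assignment['userid'], $assignment['contextid']);
// … unchanged: the same call with 'unassign' in role_unassign() …

/**
 * Throw invalid_parameter_exception unless the current user may (un)assign $roleid in $context.
 * $verb is only used to build the message ('assign' or 'unassign').
 */
private static function require_assignable_role($context, $roleid, $contextid, $verb) {
    $roles = get_assignable_roles($context, ROLENAME_SHORT);
    if (!array_key_exists($roleid, $roles)) {
        throw new invalid_parameter_exception('Can not '.$verb.' roleid='.$roleid.' in contextid='.$contextid);
    }
}
```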